Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/JculXqcXgrvsUcg6BO9Udtyz0gc.roa
File: JculXqcXgrvsUcg6BO9Udtyz0gc.roa (raw, json)
Hash identifier: GEBtcl/J8X4R+jr+LYscemjF3gS7CNhwHK7uWYaDJbU=
Subject key identifier: 25:CB:A5:5E:A7:17:82:BB:EC:51:C8:3A:04:EF:54:76:DC:B3:D2:07
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019A3D9C948F9E08DC4CACF539B1BE8177BC
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/JculXqcXgrvsUcg6BO9Udtyz0gc.roa
Signing time: Sat 01 Nov 2025 04:11:03 +0000
ROA not before: Sat 01 Nov 2025 04:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 14.102.227.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
43.242.136.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
89.106.16.0/24 maxlen: 24
89.106.18.0/24 maxlen: 24
89.106.21.0/24 maxlen: 24
89.106.22.0/24 maxlen: 24
89.106.23.0/24 maxlen: 24
94.229.218.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
103.102.132.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Nov 2025 18:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3d:9c:94:8f:9e:08:dc:4c:ac:f5:39:b1:be:81:77:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 1 04:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25cba55ea71782bbec51c83a04ef5476dcb3d207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e9:fd:17:d6:3e:56:0c:b6:f4:6b:63:6c:a6:
04:c7:f9:7d:03:82:c0:ef:f7:99:d7:d0:c2:9c:ed:
6a:60:01:4b:38:85:0a:3b:3e:02:0c:9a:1c:2c:69:
13:55:56:be:4a:27:c7:62:1b:ed:da:3d:d3:03:9a:
52:59:8f:34:50:8e:f9:84:41:90:dc:2d:7f:fc:d9:
56:e8:f4:dd:cd:9d:d2:3e:4a:65:e5:ad:87:b4:4c:
4c:b4:f3:44:ce:90:6e:17:9f:a7:d9:ba:5a:3a:9a:
72:e5:01:d7:aa:5f:94:22:ba:eb:7a:82:c3:db:38:
9c:ba:33:7c:d5:7e:61:ad:77:09:6e:50:d0:ae:3a:
aa:51:fd:99:d9:17:8e:f0:62:96:cc:6d:5b:f8:65:
f1:8c:4b:33:ea:da:2c:d0:3a:e3:02:38:0b:6a:21:
6d:fd:15:b3:e3:31:3f:01:b6:10:9b:eb:38:77:5f:
c9:91:d0:22:57:25:28:60:2f:65:f9:00:61:be:f4:
e3:17:e1:69:1c:4b:59:ea:1a:22:7d:d0:fd:5b:ee:
d2:e4:3a:40:57:64:09:31:aa:6d:ad:3f:a2:56:db:
c2:3a:cb:eb:d4:a9:65:61:4e:33:4f:12:71:e2:38:
5d:e0:9c:f7:ad:8a:65:ca:c9:2b:f8:05:e8:15:36:
69:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CB:A5:5E:A7:17:82:BB:EC:51:C8:3A:04:EF:54:76:DC:B3:D2:07
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/JculXqcXgrvsUcg6BO9Udtyz0gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.227.0/24
14.102.234.0/24
43.242.136.0/24
45.151.140.0/24
89.106.16.0/24
89.106.18.0/24
89.106.21.0-89.106.23.255
94.229.218.0/24
94.229.222.0/24
103.102.132.0/24
124.158.112.0/24
194.36.33.0/24
Signature Algorithm: sha256WithRSAEncryption
72:6d:95:5f:1e:e4:f1:af:48:ce:38:ca:83:1b:12:67:e5:77:
43:36:f6:04:a1:28:ff:83:33:0f:27:35:43:83:40:fb:33:0e:
a9:09:d9:97:37:e7:05:be:d3:db:ec:1f:37:aa:91:2b:3e:12:
77:1a:3b:b1:92:40:6d:bd:2d:23:10:4a:a0:d1:e7:86:9f:c4:
6a:a8:9d:71:34:d4:fc:ea:fb:f3:82:85:e8:52:99:a3:20:2e:
6a:47:41:ff:56:34:42:c8:35:94:b3:65:84:dc:e8:9a:f8:75:
c3:5d:f7:1b:4e:8e:11:7e:34:a4:c4:42:4e:e5:f6:53:4f:64:
fb:c0:8b:b3:18:a4:59:db:ba:d3:09:1f:a2:20:05:31:d4:b5:
aa:96:55:1c:c2:b6:e3:79:0e:54:bb:2d:62:11:47:6d:31:f5:
63:ad:b9:9b:67:d7:9e:39:0d:ef:e2:4a:7b:9b:1e:a9:62:70:
36:4f:79:b9:4c:5f:88:be:b6:50:a6:9a:e8:69:26:12:a7:11:
0b:12:23:49:d4:91:62:6a:22:90:11:99:95:9e:88:fb:88:43:
74:fc:82:ab:93:d9:8f:56:ab:c0:22:83:3e:f5:86:76:41:92:
27:00:ba:52:d1:10:a8:9e:46:7d:c8:52:1e:73:51:03:5d:c0:
2d:15:a1:19
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZo9nJSPngjcTKz1ObG+gXe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUxMTAxMDQxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNiYTU1ZWE3MTc4MmJiZWM1MWM4M2EwNGVmNTQ3NmRjYjNkMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmun9F9Y+Vgy29GtjbKYEx/l9A4LA
7/eZ19DCnO1qYAFLOIUKOz4CDJocLGkTVVa+SifHYhvt2j3TA5pSWY80UI75hEGQ
3C1//NlW6PTdzZ3SPkpl5a2HtExMtPNEzpBuF5+n2bpaOppy5QHXql+UIrrreoLD
2zicujN81X5hrXcJblDQrjqqUf2Z2ReO8GKWzG1b+GXxjEsz6tos0DrjAjgLaiFt
/RWz4zE/AbYQm+s4d1/JkdAiVyUoYC9l+QBhvvTjF+FpHEtZ6hoifdD9W+7S5DpA
V2QJMaptrT+iVtvCOsvr1KllYU4zTxJx4jhd4Jz3rYplyskr+AXoFTZp2wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFCXLpV6nF4K77FHIOgTvVHbcs9IHMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvSmN1bFhxY1hncnZzVWNnNkJPOVVkdHl6MGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQADmbjAwQA
DmbqAwQAK/KIAwQALZeMAwQAWWoQAwQAWWoSMAwDBABZahUDBANZahADBABe5doD
BABe5d4DBABnZoQDBAB8nnADBADCJCEwDQYJKoZIhvcNAQELBQADggEBAHJtlV8e
5PGvSM44yoMbEmfld0M29gShKP+DMw8nNUODQPszDqkJ2Zc35wW+09vsHzeqkSs+
EncaO7GSQG29LSMQSqDR54afxGqonXE01Pzq+/OChehSmaMgLmpHQf9WNELINZSz
ZYTc6Jr4dcNd9xtOjhF+NKTEQk7l9lNPZPvAi7MYpFnbutMJH6IgBTHUtaqWVRzC
tuN5DlS7LWIRR20x9WOtuZtn1545De/iSnubHqlicDZPeblMX4i+tlCmmuhpJhKn
EQsSI0nUkWJqIpARmZWeiPuIQ3T8gquT2Y9Wq8Aigz71hnZBkicAulLREKieRn3I
Uh5zUQNdwC0VoRk=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:09:39 2025 by rpki-client